Please Dojo, are there any cases where it could be feasible to use HTTPS only on specific DMAs in a DMS cluster?
Alternatively, is it ok to assume that when a cluster is shifted to HTTPS, all of the related DMAs must use https?
Thanks
Alberto De Luca [DevOps Enabler] Selected answer as best 5th May 2023
HTTPS is optional, but highly recommended (otherwise data between clients and the DMA is transferred unencrypted including passwords of users logging in etc).
HTTPS has to be configured per DMA, it's not required to configure it on every DMA of the DMS cluster. For example, HTTPS can be configured on the frontend DMA only, although we recommend to enforce it on all DMAs.
Alberto De Luca [DevOps Enabler] Selected answer as best 5th May 2023
Thanks for the prompt feedback, Wim – much appreciated
Checking this area of the documentation, but haven’t found any specific recommendation in terms of scenarios where the HTTPS could be deployed on part of a DMS cluster:
https://docs.dataminer.services/user-guide/Advanced_Functionality/DataMiner_Agents/Configuring_a_DMA/Setting_up_HTTPS_on_a_DMA.html#specifying-auto-detection-information-for-an-inter-dma-https-connection